This post shows students and new users the step to install and configure SSH with passwordless or passwordless keyed login. SSH supports various authentication methods. Public key authentication is more secure and convenient than traditional password authentication.
Secure Shell (SSH) is a communication protocol that allows secure communication between computers on a network. With this post, you will learn how to set up SSH key based authentication on Ubuntu Linux and log in without entering a password.
If you are a webmaster or IT professional managing an SSH server, the safest way is to set up passwordless authentication and only allow public keys.
Also, for students and new users learning Linux, the easiest place to start learning is Ubuntu Linux. Ubuntu is the modern open source Linux operating system for desktops, servers, and other devices.
To get started setting up key-based SSH authentication in Ubuntu, follow the steps below.
How to create SSH keys in Ubuntu Linux
As mentioned above, key-based authentication is the most secure way to log into an SSH server. If you have not yet created an SSH key, run the following commands to create one.
The following command generates a new 4096-bit SSH key pair with your email address as a comment.
ssh-keygen -t rsa -b 4096 -C "firstname.lastname@example.org"
After running the above commands, you will be asked to specify the filename for the keys. In most cases, the default filename and location should work.
Enter file in which to save the key (/home/yourusername/.ssh/id_rsa):
You will then be asked to enter a strong passphrase. A passphrase adds an extra layer of security, so each time you must type the passphrase before using the passphrase to log into the remote machine.
Enter passphrase (empty for no passphrase):
press ENTEROKAY without entering a password.
On your screen, all interaction should look similar to what is shown below.
Generating public/private rsa key pair. Enter file in which to save the key (/home/richard/.ssh/id_rsa): Created directory '/home/richard/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/richard/.ssh/id_rsa Your public key has been saved in /home/richard/.ssh/id_rsa.pub The key fingerprint is: SHA256:F217Tplf9iVDvyTRBRfkeXEdQfCugtgC16BrpRqQYpE email@example.com The key's randomart image is: +---[RSA 4096]----+ | .=OO| | . . +.*| | E . . o..=.| | o . o o oo+.| |.+ o oS.. ..Bo=| |o . * o.. ++==| | . + o o . ...o| | + . . | | . | +----[SHA256]-----+
Once this is done, two new files should be created in your home directory (id_rsa and id_ras.pub).
That is all! You have successfully created a key pair.
How to copy the public key in Ubuntu
Now that you have a key pair, the next step is to copy your public key to the delete SSH server. There are several ways to do it. The easiest and recommended way to copy the public key to the server is to use the ssh-copy-id tool.
Run the following command to copy your public key to a remote server.
Replace the Username and IP address of the server with your account on the remote server.
You will be prompted to enter your SSH password as key-based authentication is not configured yet.
Once authenticated, the public key ~ / .ssh / id_rsa.pub will be added to the remote user ~ / .ssh / authorized_keys file and the connection will be closed.
firstname.lastname@example.org's password: Number of key(s) added: 1 Now try logging into the machine, with: "ssh 'email@example.com'" and check to make sure that only the key(s) you wanted were added.
How to configure SSH for passwordless login
Now that you have copied your public key, the next step is to disable password authentication.
Login to the remote server with your password, then open the SSH configuration file by running the following commands.
sudo nano /etc/ssh/sshd_config
In the file, find the following lines and change the value to match them.
PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no
Save the file and close.
Restart the SSH server on the remote host.
sudo systemctl restart ssh
After that, password login should be disabled.
Then just type by typing below command to login without password prompt.
You should do that!
In this tutorial we have seen how to configure key-based SSH authentication in Ubuntu Linux. If you find any errors or want to add something below, please use the comment form.